[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: New Issue: Add a "Supported Claims Dialect" element To FederationMetadata
PLEASE DO NOT REPLY TO THIS EMAIL OR START A DISCUSSISON
THREAD UNTIL THE ISSUE IS ASSIGNED A NUMBER. The issues coordinators will notify the list when that has
occurred. Protocol: wsfed ws-federation-1.2-spec-ed-01.doc:
http://www.oasis-open.org/apps/org/workgroup/wsfed/download.php/24422/ws-federation-1.2-spec-ed-01.doc Artifact: spec Type: design Title: Add "Supported Claims Dialect” element To
Federation Metadata Description: The specification allows a federation provider to advertise
supported claim types but there is no means to advertise the specific dialects
in which those claims may be expressed. The ability to advertise supported
claims dialects should be added to federation metadata. Related issues: None Proposed Resolution: Introduce a new sub-section under Section 3.1 to define a
new [Federation Metadata] property that can be used to specify the supported
claims dialects as follows: 3.1.xx ClaimDialectsOffered Element The optional fed:ClaimDialectsOffered element allows a
federation metadata provider to specify the list of dialects, named using URIs,
that are accepted by its STS in token requests to express the claims
requirement. A federated partner can use is list to decide which dialect to use
to express its desired claims when requesting tokens from it. This
specification defines one standard claims dialect in the subsequent section
9.3, but other claim dialects may be defined elsewhere for use in other
scenarios. This element populates the [Federation Metadata] property. This is
typically specified by token issuers and security token services. This is
typically a service-level statement but can be an endpoint-level statement. The schema for this optional element is shown below. <fed:ClaimDialectsOffered> <fed:ClaimDialect Uri="xs:anyURI" /> + </fed:ClaimDialectsOffered> The following describes the elements listed in the schema
outlined above: /fed:ClaimDialectsOffered This element is used to express the list of claim dialects
that the federating STS can understand and accept. /fed:ClaimDialectsOffered/fed:ClaimDialect This element indicates an individual claim dialect that the
STS can understand. /fed:ClaimDialectsOffered/fed:ClaimDialect/@Uri This attribute provides the unique identifier (URI) of the
individual claim dialect that the STS can understand. /fed:ClaimDialectsOffered/fed:ClaimDialect/… The semantics of any content for this element are undefined.
Any extensibility or use of sub-elements MUST NOT alter the semantics defined
in this specification. /fed:ClaimDialectsOffered/fed:ClaimDialect/@{any} This extensibility mechanism allows attributes to be added
so long as they don’t violate or alter the semantics defined in this
specification. /fed:ClaimDialectsOffered/@{any} This extensibility mechanism allows attributes to be added
so long as they don’t violate or alter the semantics defined in this
specification. The following example illustrates using this optional
element to specify that the issuing STS of the federating organization can
accept the one standard claims dialect defined in this specification. <fed:ClaimDialectsOffered> <fed:ClaimDialect
Uri="http://schemas.xmlsoap.org/ws/2005/05/fedclaims" /> </fed:ClaimDialectsOffered> |
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]